Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
salt.4663
0052-Don-t-send-passwords-after-shim-delimiter-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0052-Don-t-send-passwords-after-shim-delimiter-is-found-3.patch of Package salt.4663
From 3cb03cdabaa669d2ba3dfc3198329664a41760d1 Mon Sep 17 00:00:00 2001 From: Nicole Thomas <nicole@saltstack.com> Date: Mon, 16 May 2016 11:01:19 -0600 Subject: [PATCH 52/52] Don't send passwords after shim delimiter is found (#33273) The SSH_PASSWORD_PROMPT_RE regexp used to detect if SSH is requesting a password can be triggered if the shim is returning data to the server with text that matches the regex, including inside JSON results. This then results in the server unable to parse the JSON results. This patch fixes this issue by looking for the shim delimiter in the output and disabling the sending of passwords after the delimiter is found. Fixes #29422. --- salt/client/ssh/shell.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/salt/client/ssh/shell.py b/salt/client/ssh/shell.py index deb6519..cfef9f0 100644 --- a/salt/client/ssh/shell.py +++ b/salt/client/ssh/shell.py @@ -23,6 +23,10 @@ log = logging.getLogger(__name__) SSH_PASSWORD_PROMPT_RE = re.compile(r'(?:.*)[Pp]assword(?: for .*)?:', re.M) KEY_VALID_RE = re.compile(r'.*\(yes\/no\).*') +# Keep these in sync with ./__init__.py +RSTR = '_edbc7885e4f9aac9b83b35999b68d015148caf467b78fa39c05f669c0ff89878' +RSTR_RE = re.compile(r'(?:^|\r?\n)' + RSTR + r'(?:\r?\n|$)') + class NoPasswdError(Exception): pass @@ -354,6 +358,7 @@ class Shell(object): stream_stdout=False, stream_stderr=False) sent_passwd = 0 + send_password = True ret_stdout = '' ret_stderr = '' @@ -364,7 +369,10 @@ class Shell(object): ret_stdout += stdout if stderr: ret_stderr += stderr - if stdout and SSH_PASSWORD_PROMPT_RE.search(stdout): + if stdout and RSTR_RE.search(stdout): + # We're getting results back, don't try to send passwords + send_password = False + if stdout and SSH_PASSWORD_PROMPT_RE.search(stdout) and send_password: if not self.passwd: return '', 'Permission denied, no authentication information', 254 if sent_passwd < passwd_retries: -- 2.10.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor